			     BASH PATCH REPORT
			     =================

Bash-Release:	5.2
Patch-ID:	bash52-001

Bug-Reported-by:	Emanuele Torre <torreemanuele6@gmail.com>
Bug-Reference-ID:	<CAA7hNqeR1eSdiGK8mjQSqJPo815JYoG-Ekz-5PrAJTEYy2e6hg@mail.gmail.com>
Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-09/msg00060.html

Bug-Description:

Expanding unset arrays in an arithmetic context can cause a segmentation fault.

Patch (apply with `patch -p0'):

*** ../bash-5.2/subst.c	2022-08-31 17:36:46.000000000 -0400
--- subst.c	2022-09-30 09:12:05.000000000 -0400
***************
*** 10858,10862 ****
    t = expand_subscript_string (exp, quoted & ~(Q_ARITH|Q_DOUBLE_QUOTES));
    free (exp);
!   exp = sh_backslash_quote (t, abstab, 0);
    free (t);
  
--- 10858,10862 ----
    t = expand_subscript_string (exp, quoted & ~(Q_ARITH|Q_DOUBLE_QUOTES));
    free (exp);
!   exp = t ? sh_backslash_quote (t, abstab, 0) : savestring ("");
    free (t);
  
*** ../bash-5.2/patchlevel.h	2020-06-22 14:51:03.000000000 -0400
--- patchlevel.h	2020-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 0
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 1
  
  #endif /* _PATCHLEVEL_H_ */
